45 matches found
CVE-2022-27442
TPCMS v3.2 allows attackers to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password...
EUVD-2021-23147
Malware in sbrugna...
EUVD-2021-23146
Malware in sbrugna...
EUVD-2022-33954
Malicious code in bioql PyPI...
EUVD-2022-31944
Malicious code in bioql PyPI...
EUVD-2022-31945
Malicious code in bioql PyPI...
CVE-2022-27441
A stored cross-site scripting XSS vulnerability in TPCMS v3.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box...
CVE-2022-29624
An arbitrary file upload vulnerability in the Add File function of TPCMS v3.2 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2021-36544
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...
CVE-2021-36545
Cross Site Scripting XSS vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfgcopyright or cfgtel field in Site Configuration page...
TPCMS Cross-Site Scripting Vulnerability (CNVD-2023-09603)
TPCMS is a source of happiness Source of Happiness individual developers of an open source content management system. A cross-site scripting vulnerability exists in TPCMS version 3.2. A remote attacker can exploit this vulnerability to run arbitrary code via the cfgcopyright or cfgtel fields in t...
TPCMS Access Control Error Vulnerability (CNVD-2023-09604)
TPCMS is a source of happiness Source of Happiness individual developers of an open source content management system. An access control error vulnerability exists in TPCMS version 3.2. A remote attacker could exploit this vulnerability to obtain sensitive information via the application URL...
CVE-2021-36545
Cross Site Scripting XSS vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfgcopyright or cfgtel field in Site Configuration page...
CVE-2021-36544
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...
CVE-2021-36544
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...
Cross site scripting
Cross Site Scripting XSS vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfgcopyright or cfgtel field in Site Configuration page...
Improper access control
Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...
CVE-2021-36545
The CVE-2021-36545 entry refers to a Cross-Site Scripting (XSS) vulnerability in tpcms version 3.2 where the cfg_copyright and cfg_tel fields in the Site Configuration page can be exploited to run arbitrary code remotely. Affected software: tpcms 3.2; vulnerable component: Site Configuration inpu...
CVE-2021-36545
Cross Site Scripting XSS vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfgcopyright or cfgtel field in Site Configuration page...
CVE-2021-36544
CVE-2021-36544 describes an access-control vulnerability in tpcms 3.2 where remote attackers can view sensitive information by manipulating the URL path. Multiple connected documents (NVD, Red Hat, CNVD, CNVD-derived references, and related catalogs) consistently identify it as an improper access...